0
votes

I have an Azure web app which has OpenID Connect authentication configured with Azure AD. For this, I had created a new app under App Registrations in Azure Active Directory and configured the Redirect URL as /signin-oidc. So when I try to log in to the app service URL, it first redirects to the redirect URL and then to https://login.microsoftonline.com and passes the client ID, tenant, etc. details in the query string and works perfectly fine. So I can log in with my Azure AD user credentials.

The web application is working perfectly fine with OpenID Connect with Azure AD.

When I front the Azure Web App with an Azure Application Gateway, it directly redirects to /signin-oidc and stops there. I tried redirect options also. Does Azure Application Gateway support OpenID Connect authentication with Azure AD?

2 Answers

0
votes

Same scenario here, an App Service behind an Application Gateway. Here's what worked:

The BuildRedirectUri method in Microsoft.AspNetCore.Authentication.AuthenticationHandler<> builds the redirect URI by concatenating, among other values, the Request.Host string. That's why the App Service host was being used instead of the Gateway's.

So, the following code snippet was added to the Configure() method of Startup.cs:

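if (env.IsProduction())
{
    // Overwrite the request host with the gateway's public host so that
    // BuildRedirectUri produces a redirect URI pointing at the gateway.
    app.Use((context, next) =>
    {
        context.Request.Host = new HostString("<gateway.host>");
        return next();
    });
}
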
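
An alternative to hard-coding the host, shown as an added example that is not part of the answer above: ASP.NET Core's forwarded-headers middleware can take the public host from the `X-Original-Host` header that Application Gateway adds, restricted to an allow-listed host and a trusted proxy network so that a client-supplied header cannot steer the redirect URI. The host `gateway.example.com` and the subnet `10.0.1.0/24` are placeholder assumptions.

```csharp
using System.Net;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.HttpOverrides;
using Microsoft.Extensions.DependencyInjection;

public class Startup
{
    public void ConfigureServices(IServiceCollection services)
    {
        services.Configure<ForwardedHeadersOptions>(options =>
        {
            // Rewrite Request.Host and Request.Scheme from proxy headers.
            options.ForwardedHeaders =
                ForwardedHeaders.XForwardedHost | ForwardedHeaders.XForwardedProto;

            // Application Gateway sends the client-facing host as X-Original-Host
            // rather than X-Forwarded-Host.
            options.ForwardedHostHeaderName = "X-Original-Host";

            // Only this value may replace Request.Host (placeholder host).
            options.AllowedHosts.Add("gateway.example.com");

            // Honour the headers only when the connection comes from the gateway.
            // 10.0.1.0/24 is an assumed gateway subnet; it must match the address
            // the app actually sees as the remote IP, or the headers are ignored.
            options.KnownProxies.Clear();
            options.KnownNetworks.Clear();
            options.KnownNetworks.Add(
                new Microsoft.AspNetCore.HttpOverrides.IPNetwork(
                    IPAddress.Parse("10.0.1.0"), 24));
        });

        // The app's existing AddAuthentication()/AddOpenIdConnect() calls stay here.
    }

    public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
    {
        // Must run before app.UseAuthentication() in the existing pipeline so the
        // OpenID Connect handler builds /signin-oidc from the gateway's host.
        app.UseForwardedHeaders();
    }
}
```

If the remote address is outside the configured network or the header value is not in `AllowedHosts`, the middleware leaves `Request.Host` unchanged, so a misconfiguration shows up as the original redirect problem rather than as an accepted spoofed host.
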
0
votes

Yes, we can use Application Gateway with OpenID authentication. In my case, the SSL certificate was missing and I got it working once it was added.